66ee271e63f19f465792f22c8fcdfda5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

66ee271e63f19f465792f22c8fcdfda5
Size

260KB
MD5

66ee271e63f19f465792f22c8fcdfda5
SHA1

20635163d3bc95aa4b4ef45aaf14a3fc164c0cc5
SHA256

c25f6ae7d31a63e24aef7e7a72bc9958a66a97c427d79e1469eecee783de6b58
SHA512

1d9e983faa2249ce666b9af5cc22361f8b6529105dfa32853fe4fa3fd7d537ab94db068a23821d422512ccf8935d3efdee34b17172fa7a443446e011a138fec8
SSDEEP

3072:z3kn0luQnqReiRS9efntBBcZVu2ubsjoKs13wnDmYJS/:z0jiGeRIfnPBgcnlwnDVY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66ee271e63f19f465792f22c8fcdfda5

Files

66ee271e63f19f465792f22c8fcdfda5
.exe windows:4 windows x86 arch:x86

6899e3092154ad7a9da48551b23de17c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateBrushIndirect
RestoreDC
GetObjectA
GetPixel
SaveDC

msvcrt

swprintf
sprintf
rand
memmove
atol
clock
calloc
memcpy
sqrt
exit

kernel32

SizeofResource
VirtualAlloc
GetSystemDefaultLangID
GetModuleHandleA
LoadLibraryExA
GetACP
GetCurrentProcessId
GetLastError
HeapDestroy
MoveFileA
GetProcessHeap
ExitProcess
GetCurrentThreadId
ExitThread
HeapFree

shell32

SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFolderPathA

comdlg32

FindTextA
GetOpenFileNameA
GetFileTitleA

Sections

.idata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 223KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE